How severe is CVE-2020-3484?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2020-3484?

This is classified as CWE-16, which is a common weakness in software security.

CVE-2020-3484 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to view potentially sensitive information on the affected device.

Related Vulnerabilities

CVE-2018-15448

MEDIUM

CVSS:5.3(Medium)

A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use thi...

CWE-162018

CVE-2019-1868

MEDIUM

CVSS:5.3(Medium)

A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to...

CWE-162019

CVE-2021-31380

MEDIUM

CVSS:5.3(Medium)

A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclos...

CWE-162021

CVE-2021-35233

MEDIUM

CVSS:5.3(Medium)

The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that u...

CWE-162021

CVE-2019-19002

MEDIUM

CVSS:5.4(Medium)

For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might inc...

CWE-162019

CVE-2018-11922

MEDIUM

CVSS:5.5(Medium)

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

CWE-162018